There are various methods that can be employed to automatically update the status of countermeasures and threats using Rules, and this can help to reduce the time and effort spent in the review stages of threat modelling.
In this worked example, let us say the countermeasure "Control access to AWS WAF resources", which has been mapped to the "AWS WAF" component, is known to have been mitigated.
In this article, we create a Custom field which, based on a predefined value, is then used as a conditional requirement to update the status of the countermeasure. This approach also provides a visible audit trail showing which countermeasures have been automatically updated.
Permissions required
ROLES_UPDATE
EDIT_RULES
SYSTEM_SETTINGS_UPDATE
SYSTEM_SETTINGS_VIEW
Instructions
1. In the Custom Fields tab, create a Custom field CMs Mitigated on Components at the Project level and set the following:
Type = Text
Default Value = AWS WAF
This creates the Custom Field group Misc Project at project level containing the Custom Field CMs Mitigated on Components:
2. In the Rules > Rules Editor tab, create the following two rules for the AWS WAF component:
Rule 1:
Here we set the value of the custom field created in step 1 to AWS WAF when the condition has been met. In this case, the condition is that an AWS WAF component has been imported.
Rule 2:
Here we set the status of the countermeasure Control access to AWS WAF resources to Implemented when the condition has been met. In this case, the condition is that the custom field created in step 1 equals the value AWS WAF. Since the default value has already been set to this, the condition will be met automatically.
The effect of these steps is to update the status of the countermeasure Control access to AWS WAF resources to Implemented when a user brings this component into the diagram and updates the threat model.